Investing in Containers with Anand Khatri (Part 2 of 2)
March 11, 2021 – By Simon Erickson
This is Part 2 of our two-part series on containers. To view Part 1, click here.
The software world is undergoing a fundamental change.
There is a trend brewing of using “containers” for new software development. Technically, containers offer a way to build and isolate the code and dependencies of individual software components, in a way that doesn’t interfere with the rest of a larger application. Bigger-picture, this allows apps to be built more quickly, more reliably, and more scalably.
Innovative companies like Netflix (Nasdaq: NFLX) were early-adopters of containers. They used them to build out a robust ecosystem that could continually be updated and improved. And while cutting-edge software developers have embraced containers, overall mass-market adoption still remains very low.
That could be a huge opportunity for investors.
In this two-part 7investing exclusive interview series, we chat with DevOps expert Anand Khatri about containers. Here in Part 2, Anand discusses several companies that could be excellent investment opportunities based upon this fast-growing trend.
Publicly-traded companies mentioned in this interview include Alphabet, CrowdStrike, Datadog, Dynatrace, Microsoft, Netflix, PagerDuty, Palo Alto Networks, Splunk, VMware, and Zscaler. 7investing’s advisors or its guests may have positions in the companies mentioned.
00:00 – Introduction: Investment opportunities who could benefit from containers
00:58 – Cloud Computing vendors: Google, AWS, and Microsoft Azure
7:56 – Container Orchestration: Kubernetes and Docker
9:45 – Container & Cloud Security: Palo Alto Networks, CrowdStrike, Lacework, and Zscaler
16:02 – Continuous Integration / Continuous Deployment: Jenkins, GitLab, and JFrog
18:00 – Container Monitoring and Alerting: Datadog, Splunk, Dynatrace, and PagerDuty
Simon Erickson 0:00
Anand, the audience we have here is mostly individual investors. You mentioned a couple of companies on this call already. We talked about Netflix, we talked about the cloud companies, the Microsoft’s, the Googles, the Amazon’s. You mentioned Data Dog – are there a couple other companies that you’re keeping an eye on in this space that you think play an important role as this ecosystem continues to develop?
Anand Khatri 0:23
In the next next slide, we will discuss the companies involved in this one. These are the companies mainly involved for in terms of containerization. And I will go over each individual company with a short synopsis, because we will not do the deep dive. If you do the deep dive each company requires one single individual episode
Simon Erickson 0:45
More podcasts in the future!
Anand Khatri 0:46
Yes, correct. But certainly, we will go over very, very briefly for each company. And I will also mention about what I’m holding and what I’m not holding at the same time. The first one is the Google Cloud. And in terms of the containers, I feel like Google is the leader. No doubt about it. And also, Google Cloud and Google Communities is born, I would say natively into the Google’s they have very native integrations. And also they have the advanced feature ahead after that. So if you compare that the communities version in AWS or Azure, Google will be always ahead, Google Cloud will always ahead, then the AWS because they have the dedicated team who contribute into them, communities or concerts or projects. And that’s the reason they are always ahead. And I feel like Google is the number one in terms of the container, one of the main one page of Google is the service mesh. The buildings and post service mesh their product, which basically create the service layer on top of the committee’s, which provides the ability to run the application Cloud-agnostic. Another strong trend that I’m seeing is the cloud-agnostic. And Google also made a survey recently. In that survey, 92% of the company thinks that they should have the cloud-agnostic capability for their application. So you can imagine that, that is the reason Google is building Anthos. And that is also built on top of the open source project called Istio, and it’s powerful. Istio is also very reliable, secure, and run your applications in Amazon AWS versus private cloud versus Google Cloud seamlessly and effortlessly. Now, next one is AWS. And by the way I own – I’m an investor in Google as well. Next one is AWS. AWS is the number one leader in the cloud. And they also have have Docker containers and community service and serverless containers offer it. And they are the number one in the cloud space, with 32% of the market share currently. And they are related, the number of services that they are launching every day is amazing. And the service offering is the highest so far into the AWS and the next one is that Microsoft Azure. And Microsoft Azure is currently at the second number with the 19% of the market share into Google Cloud. They also held the committee’s containers offering and all the some of the monitoring and logging and all those necessity of offering in their cloud services. And this is basically the foundation block for the next level of the applications. And I own all three of them. I’m invested in all three of them. I would like to share one small story about the Microsoft and why initially, I was not the Microsoft investor because I thought that they are lagging in the containerization and initial layer version of the Docker. They were not supported into Windows. That’s what I thought they are lagging and I never believed in that. But Microsoft CEO Satya Nadella came on board. He made that really important change that very few people – and also very few investors would know most of the time. Developers would know but very few industrial noise they made they’re offering in such a way this support the Docker containers into Windows, but they also make their solution like .Net. And those are their bread and butter. They made it open shores. First of all, and second of all, they made it in such a way that you can run onto the Linux. Imagine running the .Net, into the Linux and they also call the .Net core initial version of the .Net core came in 2016. And that’s where I changed my mind. And I initiated a position in 2017. And since then keep adding to it. And this is the fundamental change that I never thought that Microsoft would ever do it because they are more often enterprise offering an enterprise version, they are the one who is starting the open source and project like start offering their Windows framework, enter framework is an open source, that will be a huge leap for into the containerization world. Now into the next block.
Simon Erickson 6:05
I might just just to say one more thing about the cloud providers, it seems like all of them, you know, we typically talk about these kind of like closed ecosystems, right? Like everyone wants, oh, you’re locked into a certain vendor, but it doesn’t sound like that’s necessarily the case, right? I mean, between using Microsoft with Azure being open source now and being able to compatible with Linux, and things like that. In Google, you mentioned those, you know, their ecosystem for the cloud that’s playing nice with with others as well. I mean, it sounds like these companies are willing to open up these cloud ecosystems for developers to build in the way that they want them too.
Anand Khatri 6:41
And that is exactly the direction. The software in IT industry is quaint. It’s becoming more and more cloud agnostic. And the more it the cloud agnostic, and developers and engineers, finally, it was more helpful to the to the cloud providers for the adoption, because it doesn’t matter from from development perspective, doesn’t matter. My application runs into the Google or AWS, let’s say tomorrow. And you have seen there are outages into the Google and they went to Amazon, and even in Microsoft Azure, as well. So in those events, it will be easy for developers to switch back to the provider and run their applications. And lastly, they do all the tech industry, they don’t want to lose the customer to go away from their website or their the prime offerings.
Simon Erickson 7:37
Yeah, and their offering is typically based on their monetize, they’re making money off of the computing power and the storage that’s within those ecosystems, but they’re still recognizing, hey, we still, we want this to be cloud agnostic. We recognize customers have multi cloud strategies.
Anand Khatri 7:52
Right? That is absolutely true. The next block is a container orchestration. There are two powerful container orchestration tools one install Kubernetes and Docker own even have their own container orchestration to call the Docker Swarm. I personally haven’t used Docker Swarm, but I have I have compared Kubernetes with the Docker Swarm. And Kubernetes has the has the advantage over it and I love radius and the adoption of communities is also going higher. One of the things that Docker Swarm did that I was not happy with is because they did more of enterprise offering for the Docker swarm going versus open source. And I guess that is probably working out not working out. So far, it’s not going into the right direction, I can say that. And I’m seeing more and more adoption of the Kubernetes, which is open source. Now, in terms of when you run a containers, it’s important to have the container security as well as your cloud infrastructure security. So I’m not going more into the cloud infrastructure offering as infrastructure security right now, because we are focusing on containers I will try to forget, the only reason I included the cloud security is because of the Z scalar, which is providing the gateways with the IPS – IPS, intrusion protection system and data loss prevention system – and also the firewall offering and a secure access offering. And that directly, connect with them, connect with what communities is working on. So that is the reason I included but all other ones are more focused on to the clouds container security. One of the things is the Prisma Cloud, which is owned by Palo Alto Networks. Initially it was Twistlock – I hope listener may know about Palo Alto Networks bought Twistlock. And they rebranded to the Prisma Cloud. And they they are offering as a Prisma. Cloud. That is very important, because they do the security vulnerability scan and also do the live defenders container. Live defenders provide the lack of live defenders, which can scan for the security purpose. Another one is a cloud security CrowdStrike. CrowdStrike is also helping parents securing the containers and also the endpoints. This is the game changer. And I also have to say that recently, excuse me, they recently did announced acquisition of Humio, which is panning out really well. They are into the logging and monitoring, as well. So what they are trying to do is by what I’m understanding, and what, from the acquisition, and what I have read is their strategy is to bring in more observability into the security space, they are trying to implement the dev sec ops, more dev sec question is developer security and operation all together. And that is what they are trying to offer and creating a great model. And I’m very, very interested to see how they are pivot this whole new integration and into their current offering. Another one is a lace work, which I guess, the least known company into the container security space. And I’m not saying these are the time there are other other companies. But these are known mainly the public company or well known into the industry. And that’s the reason I have covered it. This week is a very less read, but they are also into the container security provide the scanning and live defenders and also wonder ability management, for containers. And as we discussed Z Scalar. Right. Z Scalar is is providing securing the API gateways and firewalls and with the IPS, you will mention that if this is a very good question. If Google Cloud AWS they have the firewalls and API gateway, why anyone will be uses this scaler. Right. And my argument to that question is that currently, Google Cloud doesn’t offer an IPS capability into their firewall, which is intrusion prevention system. In some of the regulated industries, like healthcare and financial, they need those kind of things. Or if you go for any security certification, not a sock one or sock two type, I’m talking about the HIPAA and high trust in those kinds of certificates.
They have the stringent requirement about those functionality. And that’s where Z Scalar, you have to use this scalar has a cloud native solution for all those things. It’s not an on premises solutions that they’re trying to sell as, as, as a cloud, one of the thing is, if you one of the company come into my mind is a checkpoint checkpoint is more of on premises solutions, they are trying to sell the name there as a as a cloud. And try to brand it as a cloud, but they are not as a cloud native, these are the these are the company are cloud native, easy to integrate, easy to easy to adopt. And that is the reason they are capturing market share. Out of this two out of this four company. I’m a share. I’m an investor into CrowdStrike and Z Scalar. ticker symbol is ZM CRWD.
Simon Erickson 13:40
Yeah, Anand I’d like to double click on that just a bit. You know, we talk about cybersecurity companies a lot. And there’s always talk of consolidation in this space, right? How many cybersecurity companies do you really need to work with? Is the driver of this based on the applications and how regulated that it is? And the demands for those specific offerings, like IPS that you mentioned, I mean, how many cybersecurity companies do you think that an organization needs to have versus just going with one that continues to expand its offering, whether that be firewalls, whether that be Endpoint Protection, whatever it might be?
Anand Khatri 14:18
So that the ideal answer is you just need a one with who provides all this capability. But that’s not the case, because there’s no one solution to provide these capabilities. So the things that provide by the Google firewall, but some of the they are lacking some of the functionality and features and that’s where these these firewalls exist killer and those are the other firewall providers are providing and that’s the reason you need those because you want it to go for that customer base into the very highly regulated environment, right. And that’s the reason they’re more there most of their advantage is the land and expand – to expand they have landed, right? So they help exploit those market and bring those customers on to the cloud. And that is the reason, I would say, as long as you have sprung far with API gateway identity access management and endpoint, your Endpoint Protection, and live defended, these are the five things that you need to have in your cloud infrastructure for the security. If you find the company who provide all this file, you just need one company.
Simon Erickson 15:32
You don’t need multiple companies. That’s amazing. At a conference last week, I’d heard that the average large organization has now got 70 cybersecurity vendors. And that just seems way too many to keep track of, first of all, that many relationships with your vendors in the first place. But just there’s got to be some consolidation. I see what you’re saying, it’s very hard to have one that offers everything. But it’s such an interesting space. And that’s why you see so many acquisitions, you mentioned several of them just now.
Anand Khatri 15:59
Okay, that’s true. Another one, when you have the containers, you have to push those containers to the production, you have to build the pipelines, CICD, continuous integration, continuous deployment pipelines to build those pipeline. One of the open source to Jenkins, which is really highly adopted into the industry, and in some of the there are some of the companies like Jenkins Plus and Cloudbees, they are creating the solution on top of Jenkins and provide answer offering but underlying, they are using Jenkins. Another one is the Gitalab. GitLab is still a private company, and they are having a nice solution for one and like a CI CD, but also the code repository, and for security dev sec ops model as well. And I’m very excited to see the progress into the GitLab, if they are coming public, I will keep a very close eye on it. Because if they are offering is a good and they are making significant progress into this space. Another one is a JFrog, which is now public, they are providing the Container Registry in storage. And also they are providing into faster releases and scanning for vulnerabilities like x ray and those kind of products and offerings into their portfolio. And and, and I would like to see JFrog is currently in my watch list I’m not invested yet, but I’m keeping a close eye on it. If I’m seeing a significant move and market share that they are gaining, I will be happy to invest in them. One of the things that I’m keeping an eye on their side is how they are preventing the faster release and deployment process to to their customers. And that’s what I’m watching very closely. And the last section is the observability our container monitoring and alerting. In this space is slightly crowded. Now a lot of competition is happening. One of the one of the thing is that dog data dog is providing logging, monitoring solutions, easy to integrate and put it in into the logs and easy to search your logs is build the dashboard out of those logs, you can build the SLO’s rights dashboard and offer as to your customers and things like that. Another one is a Splunk you hear is the someone will ask a question if you need Data Dog then why do you need Splunk? And in that, here is my here’s my answer to that question. Data Dog has a great product and offering but there are so there are some critical functions that they are lacking into it. And one of the functionality that Data dog is lacking is basically same security information and event management reality do not have security, the same capabilities on their platform. And Splunk is a leader into the same if you see the gardener 2020 quadrant, they are the number one into that corner quadrant – Splunk is number one in that quadrant. And recently I saw that Data Dog also acquired Timber Technologies, which is behind that factor. And they are helping into the security logs and audit logs and those kind of things. So I hope that data dog integrate their product into into the data that product offerings and bring those capabilities and features and functionality on their platform for their customers. If they bring it in, it will be a successful outcome. In my opinion, and it can go further because that’s then they can land more customers. And once they land, they can expand it. So, and these are the requirement coming from the highly regulated industries like financial industry, healthcare industry, and those kinds of industry. So to acquire those customers, they have to have those capabilities in Splunk, that that’s where Splunk is differentiating Splunk is also offering offering the logs and log management and alerting as well. Our third one is dynatrace. dynatrace is offering all the traces to your containers down to the since user create the request goes to the containers get the response back the whole entire trees that they can make it up, they are also expanding the capabilities of their platform into that observability.
And these are all about monitoring space. Out of these, I only own Data Dog. I’m not invested into the Splunk or dynatrace yet. And the last one is Pager Duty. Pager Duty is the elding solution, where you can easily integrate all those monitors keep monitor if something goes wrong with it will easily page you page to the correct team members so that they can jump on to the call fix the issues immediately. Or if and one of the thing is the Pager Duty is implementing the DevOps model correctly. And that’s the reason I’m an optimist about the Pager Duty solution. Because this is where Pager Duty is becoming helpful is most of the big companies, they have the mock system. So basically Network Management Center. So if anything goes wrong into your network, the knock team, it’s a physical person who caused the team member and then team member will escalate escalated do most of the big companies as this knock team, this is significant investment for the for the big companies. But if they adopt correct DevOps practices, they can leverage the Pager Duty solution, they can cut down the cost significantly. And that’s where the Pager Duty is helping because Pager Duty can edit from anywhere. And they have very tight knit integrations, to all the cloud providers, all the all the monitors, monitoring systems offerings available. And that is the reason I’m I’m super excited about the Pager Duty and how I wanted to see how their solution and their strategic spin up.
Simon Erickson 23:11
Yeah, this is quite a list. Anand this is fantastic. I would like to just maybe ask one question, I think spans a lot of the companies on this, but it’s been on my mind as an investor for quite some time, is the change in the pricing model for these. A lot of these are subscription based. But we’ve seen for several years, it’s been based on the number of users, right, you would charge based on how many seats you had for a license. And then it didn’t matter if you use it every single minute of the day, or you used it one time, throughout the month, you paid the same amount. But a lot of these are changing to usage based models, right. I know Splunk was kind of one of the first that was doing this based on how much machine data you were indexing. Right. But then now all of these alerts and you know, it’s it’s machines doing business with other machines, regardless of the human beings that are that are playing a part of this. Do you have thoughts on that as an investor on on how the pricing model for these works? And are some of these companies in terms of usage based? Do you think that they’re well positioned?
Anand Khatri 24:09
Yes, very good questions. And, and, yes, you are right about the Splunk usage base model, the other one of the first adopter in that model, and they successfully executed it also, so far. And some of the companies are very well positioned for usage base model. But some of the companies are not. Se for an example dynatrace. They are trying to switch from the the user base to the subscription base and it taking a significant time to adopt that model. And I don’t think they have they have pivoted so far, seamlessly. So I’m watching them how they are, how their model is changing and how quickly they are able to adapt and change. The landscape in a competitive landscape, right. But in terms of the containers, and container security space, they are very well positioned. Some of the things like this killer CrowdStrike, they are very well positioned. Imagine. And this is what’s interesting is, imagine if SAP has to containerize, their whole earpiece system in secure that they need all of these tools in their house to make that implement correctly. Well, one other thing is also I saw the similar problem into Pager Duty was also the similar way, they were slow into the migration from user base to the usage based but now I guess they are fully migrated. And I’m hoping next year or two, that strategy will pan out correctly, that will, that will make more sense for the investors data dog has a usage base, but the problem is there are Data dog has a lot of zombie cost, we call it zombie costs, because it’s
Simon Erickson 26:13
We’ve talked about it on Twitter.
Anand Khatri 26:17
So it’s like easy to get in, but let’s say if you want to remove it, you cannot easily remove it and if those kinds of solutions that companies is providing, then it will be very difficult for them to expand into the landed customers, because it will not be well received into the industry. And the engineers will figure it out eventually and they will find the better alternative solution if they will keep doing it. So not just to create integration, great product and services, but also in terms of the offerings. Like how easy to adopt, how easy to integrate with other systems and how is it to get in and out both not just in because industry Well, it’s not fair if you if you build just a one way street is to adopt but cannot get out of it. And if you want to get out of you have to psy for it – that ie something will not be well received into the industry and they will get a lot of backlash if they will continue doing it.
Simon Erickson 27:21
Yeah, this is this is fantastic. Anand I really appreciate your time walking us through what’s going on out there with containers is such a huge movement. It’s so innovative. It has such implications for so many companies and for investors like us. Thank you. Thank you very much for for spending so much time with us on the 7nvesting podcast today.
Anand Khatri 27:41
Thank you. Thanks a lot, Simon. I’m glad to be here. And happy to chat.
Simon Erickson 27:47
And thanks for tuning into this episode of our 7nvesting podcast. We are here to empower you to invest in your future. We are 7investing
Growth Style Investing with 7investing CEO Simon Erickson
This growth-style investing approach is exactly what is preferred by 7investing founder and CEO Simon Erickson. In a conversation with Robert Leonard of Millennial Investing...
7investing and YCharts Take Your Questions!
There are several metrics we consider before making our recommendations, such as profitability ratios, operating margins, and revenue of the company. To help us visualize...
The Changing Face of Retail with Dan Kline
7investing's very own Dan Kline chats with Simon Erickson about changes taking place in the retail industry.